Technology

John Duffy lives by a simple principle: explore the forest, build the bridges, illuminate the path.

When someone asks "what's really going on here?" he digs in. When they say "go build it," he writes the code. And when someone says "we need to tell others," he shares what he learned as an international speaker (ATLSecCon, BlackHat, BSides, RSA Conference) and trainer, having trained hundreds of developers and security professionals on secure design, coding, and infrastructure.

He started in smartcard security at CRYPTOCard, building authentication systems used by 40,000 people at Mount Sinai and throughout the British National Health Service. That work won Best-of-Show at Comdex and MacWorld.

He has built and managed teams including those that delivered the first issued high-security ePassport, the first digitally signed Drivers License, and the first general-public Mobile Drivers License.

He has most recently built a security team from scratch that now extends to Canada, the US, and Europe, charged with protecting systems designated as critical national infrastructure, relied upon by millions of citizens.

He has been recognized by the Government of Canada for outstanding security research.

Favorite Projects

Plan B-eer - A Reverse Engineered, Self-Contained Infrastructure for PicoBrew Z.
An automated IOT brewing system that is used by breweries (such as Isley Brewing in Virginia) and homebrewers to make production beer.

OpenSC - Smartcard tools and middleware that allow apps to talk to smartcards on multiple platforms. Worked on an implementation for embedded devices to allow both SCADA and mobile devices to use a Personal Identity Verfication (PIV) smart card.

Lighttwist - a tool for blending multiple projectors together in a seamless whole. Updated for XFCE and support for the blending for Panasonic projectors. Code